Self-service password change for user with expired password doesn't work

nextcloud
self-service
ucs-4-2

#1

Hello,

i’m currently evaluating UCS together with NextCloud, so I installed a test vm to try it out. I need to setup password expiration, so to test it out I’ve created a new password policy with an expiration of 1 day and I’ve assigned it to a couple of users. All works well: before expiration the users can login, access nextcloud, then the password expires (btw…It would be nice if the system had sent a mail out about the expiration to the external reset email address… is it possible?), and the users are logged out from nextcloud and they can no longer login.

I’ve installed the “self-service” application, but when an user with an expired password tries to change it the operation fails with an answer of “wrong credentials”.

The fun is that if i try to login into the management console with the same credentials(even if the users do not have management rights) the dialog turns into one to renew the password and the process completes without issues (minus the fact that upon login into the console, a new dialog pops up saying that the user cannot manage any module, as expected).

Do you are aware of this issue? Can I try something else?

The auth log shows some lines written py a python process stating that the user has an expired password… but I don’t know if it really matters…

How can I proceed to debug it?

thanks in advance.

P.S. The system version is a brand new 4.2 updated to 4.2-3 errata241


#2

You have hit a bug in UCS. We have already filed a bug report: https://forge.univention.org/bugzilla/show_bug.cgi?id=45813

I cannot tell you an ETA, but it should be fixed soonish.

Until then, maybe you can create a workaround using the password reset module and external email addresses

Greetings
Daniel Tröder


#3

Thank you @troeder, I should have checked the bug tracker